[TYPO3-core] RFC: #10040: define Default GET-vars
Steffen Kamper
info at sk-typo3.de
Thu Jan 1 17:12:19 CET 2009
Hi,
attached patch takes your comments into account
* use defaultGetVars for naming
* writes GET only if they are modified
Benjamin Mack schrieb:
> b) don't know really, but wasn't there a security option in TYPO3 to
> make _GET and _POST only read-only?
>
i don't see a security issue here as you only can set default vars in
config.
Same method for extensions does exist.
vg Steffen
Martin Kutschker schrieb:
> Steffen Kamper schrieb:
>> Hi,
>>
>> This is SVN patch request.
>> Type: Feature
>>
>> Bugtracker references:
>> http://bugs.typo3.org/view.php?id=10040
>>
>> Branches: trunk
>>
>> Problem:
>>
>> There is no way to set default values for GET-vars as you know from
>> extensions where you can set _DEFAULT_PI_VARS
>
> For plugins the name is chosen to avoid conflicts with user defined
> names for "config" we can use better ones, eg "defaultGetVars".
>
> Maybe it makes sense to write back the GET variables only when they are
> modified:
>
> if (is_array($this->config['config']['_DEFAULT_GET_VARS.'])) {
> $getVars = t3lib_div::_GET();
> $modified = false;
> foreach ($this->config['config']['_DEFAULT_GET_VARS.'] as
> $key => $value) {
> $getVars[$key] = $value;
> $modified = true;
> }
> }
> if ($modified) {
> t3lib_div::_GETset($getVars);
> }
> }
>
> Masi
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: 10040_v2.diff
Url: http://lists.netfielders.de/pipermail/typo3-team-core/attachments/20090101/2a12884f/attachment.txt
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: defaultGetVars.doc.txt
Url: http://lists.netfielders.de/pipermail/typo3-team-core/attachments/20090101/2a12884f/attachment-0001.txt
More information about the TYPO3-team-core
mailing list